fix: Ask user to confirm generated passphrase before invocing pinentry

This is to avoid users not seeing their generated password if using e.g. pinentry curses UI. Fixes #3030 Signed-off-by: Dominik Schulz <[email protected]>
gopasspw · Jan 12, 2025 · 528aeef · 528aeef
1 parent b6140bc
commit 528aeef
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/internal/action/setup.go b/internal/action/setup.go
@@ -190,6 +190,11 @@ func (s *Action) initGenerateIdentity(ctx context.Context, crypto backend.Crypto
 	if pwGenerated {
 		out.Printf(ctx, color.MagentaString("Passphrase: ")+passphrase)
 		out.Noticef(ctx, "You need to remember this very well!")
+
+		// Prompt to confirm that the user noted their passphrase
+		if want, err := termio.AskForBool(ctx, "Did you save your passphrase?", true); err != nil || !want {
+			return fmt.Errorf("user did not confirm saving the passphrase: %w", err)
+		}
 	}
 
 	out.Notice(ctx, "🔐 We need to unlock your newly created private key now! Please enter the passphrase you just generated.")